Docker, the de facto king of software containerization, is now offering what it describes as an end-to-end Docker platform for enterprises.
Docker Datacenter (DDC) melds open source and commercially licensed components to meet the turnkey needs of Docker's enterprise customers.
Open source advocates won't be thrilled to hear that DDC isn't as flexible as some of its predecessors. But Docker contends its enterprise customers have been clamoring for exactly this kind of tight integration.
An end-to-end answer for enterprises
Scott Johnston, senior vice president of product management at Docker, explained DDC's architecture in a phone call. Its major components are elements that Docker has released in the past -- the 1.0 version of the Universal Control Plane for management and orchestration, the Trusted Registry for managing images, and the commercially supported edition of the Docker Engine itself.
What's new, Johnston explained, is the end-to-end integration between its elements through commercial components such as single sign-on or the integration between Docker Trusted Registry and Universal Control plane -- both specifically designed to appeal to enterprise customers.
"Enterprise customers have asked for integrated solutions where the components all work well together," Johnston said. "The ability to take a digitally signed image from the developer's laptop, to validate its signature and who signed it, to put it into the Trusted Registry and make automated policy decisions from it -- like geofencing or keeping it only in the data center if it's proprietary IP -- those types of benefits have been really exciting to enterprise customers."
Universal Control Plane, as previously mentioned, is one example of strong integration in DDC with commercial components. It comes with Docker Swarm embedded as the container management and orchestration component of choice. This would seem to fly in the face of Docker's professed "batteries included but removable" philosophy, since changing out Swarm with another orchestration framework, like Kubernetes, is only possible in DDC through a service call. (Replacing Swarm outside of DDC hasn't changed.)
Johnston drew a distinction between DDC's approach and the open source side of Docker. With the latter, "nothing is changing." APIs will still be open and components remain swappable. The downstream commercial product, though, is designed for a different type of customer, one that simply wants to get on with work.
"What we're hearing from our enterprise customers," said Johnston, "is that an end-to-end solution is quite valuable for them. They are less concerned about the individual scheduler, and more interested in 'how does this help my end-to-end production workflow?'"
Same tools, new solutions
A major benefit of DDC in the enterprise, Johnston said, is in giving both developers and IT operations a common option for managing containers. Devs create containers using the toolset they're already familiar with and deliver the resulting containers to the Docker Registry Service. Ops then creates RBAC-style rules that describe how resources can be managed to run those containers, so devs can perform self-service provisioning for their work.
Johnston emphasized that on both sides of the dev-ops fence, the tooling already in use stays the same; all the existing Docker APIs can still be leveraged. This means existing development, management, and introspection tools, like Splunk or Docker Inspect, all work out of the box.
Johnston also pointed out that DDC is only a first-iteration, 1.0-level product. If enterprises demand more flexibility, Docker will provide it: "We'll continue to look into the market and see where the requirements are coming from," he said.